<?php

/*----------------------------------------------+
|  MaxForum					|
|  ===========================================	|
|  By Majd Almontaser				|
|  Released under the License GNU v3.0		|
|  http://www.Max4Dev.com			|
|  ===========================================	|
|  Ttmtt Team - http://www.liioiil.com		|
+-----------------------------------------------*/

# Direct-access guard: the rest of this file runs only when the MAX_ON constant
# has already been defined by whatever script includes it. A direct request
# prints the denial message and stops before any gallery code executes.
if (defined('MAX_ON') === false)
{
	# exit() with a string argument prints it and then terminates the script.
	exit("<h1>ACCESS DENIED</h1>You cannot access this file directly.");
}

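# Dispatch on the requested sub-action of the "my images" page. A request without
# a "sub" parameter goes to the default listing instead of raising an
# undefined-index notice.
#
# NOTE(review): $my_id and $db_prefix come from the including script and are
# concatenated into SQL unquoted. This file assumes $my_id is always an integer
# user id. Confirm that at the point where it is set.
switch (isset($_GET['sub']) ? $_GET['sub'] : '')
{
	case 'edit-image':
	
		#-------------------------------------
		# Errm, permission to enter?
		#-------------------------------------
		
			if ($Gallery->p('editImage') != 1)
			{
				max_redirect('index.php?page=gallery&act=my-images', 'gallery/my-images');
				
				# Whether max_redirect() terminates the script is not visible from this
				# file. Leave the case explicitly so a denied user never reaches the
				# update below.
				break;
			}
	
		if ($_SERVER['REQUEST_METHOD'] === 'POST')
		{
			# NOTE(review): no anti-CSRF token is verified in this file before the
			# write. Confirm the including script enforces one, otherwise check it here.
			
			#----------------------------------
			# Collect and sanitise data
			#----------------------------------
			
				# Numeric fields are forced to integers. Text fields go through
				# escape_string(), which is defined elsewhere and presumably escapes for
				# the double-quoted SQL literals used below (TODO confirm).
				$id		= isset($_POST['id']) ? (int) $_POST['id'] : 0;
				$title	= escape_string(isset($_POST['title']) ? $_POST['title'] : '');
				$desc	= escape_string(isset($_POST['description']) ? $_POST['description'] : '');
				$album	= isset($_POST['album']) ? (int) $_POST['album'] : 0;
			
			#----------------------------------
			# Update the database
			#----------------------------------
			
				# "AND user =" restricts the write to an image owned by the current user.
				# NOTE(review): $album is not checked against gallery_albums, so any
				# integer is stored as the album id.
				mysql_query('UPDATE ' . $db_prefix . 'gallery_images SET title = "' . $title . '", description = "' . $desc . '", album = ' . $album . ' WHERE id = ' . $id . ' AND user = ' . $my_id . ' LIMIT 1');
				
			#----------------------------------
			# And redirect
			#----------------------------------
			
				max_redirect('index.php?page=gallery&act=my-images', 'gallery/my-images');
		}
		else
		{
			$id = isset($_GET['id']) ? (int) $_GET['id'] : 0;
			
			#--------------------------------
			# Get image information
			#--------------------------------
			
				$query = mysql_query('SELECT title, description, album, user FROM ' . $db_prefix . 'gallery_images WHERE id = ' . $id . ' AND user = ' . $my_id . ' LIMIT 1');
				
				$row = mysql_fetch_assoc($query);
				
				# No data means image doesn't exist, or they don't own this image.
				# Same handling as delete-image: never render the form from an empty row.
				if (empty($row))
				{
					max_redirect('index.php?page=gallery&act=my-images', 'gallery/my-images');
					break;
				}
				
					# NOTE(review): strip_slashes() is defined elsewhere and presumably only
					# removes slash escaping. Confirm the template HTML-escapes title and
					# description before printing them.
					$row				= array_map('strip_slashes', $row);
					$row['description']	= str_replace('<br />', '', $row['description']);
					
			$url		= 'gallery&act=my-images&sub=edit-image&id=' . $id;
			$url_seo	= 'gallery/my-images/edit-image/' . $id;
				
			# Starting hooks
			$Gallery->template('pages/gallery/my-images-edit.template.php')->hook('start', 1);
				
			#--------------------------------
			# Get albums
			#--------------------------------
			
				$query = mysql_query('SELECT id, name FROM ' . $db_prefix . 'gallery_albums');
				
				# hook(2) is called once per album. It presumably reads $albums from this
				# scope, so the variable name is kept.
				while ($albums = mysql_fetch_assoc($query))
				{
					$albums['name'] = strip_slashes($albums['name']);
					$Gallery->hook(2);
				}
			
			$Gallery->hook(3, 'end');
		}
		
		break;
	
	case 'delete-image':
	
		# NOTE(review): this destructive action is triggered by a plain GET request, and
		# this file verifies neither a permission flag nor an anti-CSRF token. Confirm
		# both are enforced upstream, or require a POST with a token here.
		$id = isset($_GET['id']) ? (int) $_GET['id'] : 0;
		
		#----------------------------------------------------
		# Get the location of the image so we can
		# delete it from the server
		#----------------------------------------------------
		
			$query = mysql_query('SELECT image FROM ' . $db_prefix . 'gallery_images WHERE id = ' . $id . ' AND user = ' . $my_id . ' LIMIT 1');
			
			$row = mysql_fetch_assoc($query);
			
				# No data means image doesn't exist, or they don't own this image
				if (empty($row))
				{
					max_redirect('index.php?page=gallery&act=my-images', 'gallery/my-images');
					
					# Stop here even if max_redirect() returns: the deletes below must only
					# run for an image the current user owns.
					break;
				}
			
			#---------------------------
			# Get rid of them
			#---------------------------
			
				$dir = 'uploads/gallery/images/';
				
				# Use only the final path component of the stored name, so a value holding
				# directory separators cannot point outside $dir.
				$image = basename($row['image']);
				
				if ($image !== '')
				{
					# Original, thumbnail (t_) and reflection (r_). Any of them may be
					# missing, so check first instead of suppressing errors with @.
					foreach (array('', 't_', 'r_') as $prefix)
					{
						$path = $dir . $prefix . $image;
						
						if (is_file($path)) unlink($path);
					}
				}
				
		#-------------------------------------------------------
		# Now delete the record from the database
		#-------------------------------------------------------
		
			mysql_query('DELETE FROM ' . $db_prefix . 'gallery_images WHERE id = ' . $id . ' AND user = ' . $my_id . ' LIMIT 1');
			
			# Remove ratings. No LIMIT, so every ratings row that references the image is
			# removed and none is left orphaned.
			mysql_query('DELETE FROM ' . $db_prefix . 'gallery_images_ratings WHERE image = ' . $id);
		
		max_redirect('index.php?page=gallery&act=my-images', 'gallery/my-images');
		
		break;
	
	default:

		# Load star rater
		require 'rater/_drawrating.php';

		# Starting hooks
		$Gallery->template('pages/gallery/my-images.template.php')->hook('start', 1);

		#----------------------------------
		# Get the user's images
		#----------------------------------

			$query = mysql_query('SELECT id, title, time FROM ' . $db_prefix . 'gallery_images WHERE user = ' . $my_id . ' ORDER BY title ASC');
			
			# hook(2) is called once per image. It presumably reads $row from this scope.
			# NOTE(review): confirm the template HTML-escapes the title.
			while ($row = mysql_fetch_assoc($query))
			{
				$row['title']	= strip_slashes($row['title']);
				$row['time']	= format_date($row['time']);
				
				$Gallery->hook(2);
			}
			
		# Ending hooks
		$Gallery->hook(3, 'end');
		
		break;
}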
?>
